{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:36:48.414","vulnerabilities":[{"cve":{"id":"CVE-2016-6546","sourceIdentifier":"cret@cert.org","published":"2018-07-13T20:29:00.427","lastModified":"2024-11-21T02:56:19.783","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext."},{"lang":"es","value":"La aplicación móvil de iTrack Easy almacena la contraseña de la cuenta usada para autenticarse en la API cloud en cifrado base64 en el archivo cache.db. El formato de cifrado base64 se considera equivalente a texto claro."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cret@cert.org","type":"Secondary","description":[{"lang":"en","value":"CWE-313"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-255"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kkmcn:itrackeasy:-:*:*:*:*:*:*:*","matchCriteriaId":"D96B7248-FF71-4D06-BA43-679A7DB14E35"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/93875","source":"cret@cert.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/","source":"cret@cert.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kb.cert.org/vuls/id/974055","source":"cret@cert.org","tags":["Third Party Advisory","US Government Resource"]},{"url":"http://www.securityfocus.com/bid/93875","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blog.rapid7.com/2016/10/25/multiple-bluetooth-low-energy-ble-tracker-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kb.cert.org/vuls/id/974055","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}